dropuser removes an existing
- and the databases which that user owned.
- Only superusers (users with usesuper set in
- the pg_shadow table) can destroy
+ Only superusers and users with the CREATEROLE> privilege can
+ remove
PostgreSQL users. (To remove a
+ superuser, you must yourself be a superuser.)
dropuser is a wrapper around the
- endterm="SQL-DROPUSER-title">.
+ endterm="SQL-DROPROLE-title">.
There is no effective difference between dropping users via
this utility and via other methods for accessing the server.
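Review bot: Terminology is mixed in the rewritten sentence: it still reads "remove PostgreSQL users" while the cross-reference two lines later now targets SQL-DROPROLE-title. Since this paragraph is where the permission rule is stated, say "roles" here as well, or state once that a user is a role. Also consider moving the parenthetical "(To remove a superuser, you must yourself be a superuser.)" directly after the CREATEROLE clause, so the limit on CREATEROLE holders is read together with the grant.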
username
- Specifies the name of the
PostgreSQL user to be removed.
- You will be prompted for a name if none is specified on the command line.
+
Specifies the name of the
PostgreSQL user to be removed.
+ You will be prompted for a name if none is specified on the command line.
Echo the commands that
dropuser generates
- and sends to the server.
+ and sends to the server.
- Specifies the host name of the machine on which the
- server
- is running. If the value begins with a slash, it is used
- as the directory for the Unix domain socket.
+ Specifies the host name of the machine on which the
+ server
+ is running. If the value begins with a slash, it is used
+ as the directory for the Unix domain socket.
- Specifies the TCP port or local Unix domain socket file
- extension on which the server
- is listening for connections.
+ Specifies the TCP port or local Unix domain socket file
+ extension on which the server
+ is listening for connections.
Diagnostics
- In case of difficulty, see USER"
- endterm="sql-dropuser-title"> and for
+ In case of difficulty, see ROLE"
+ endterm="sql-droprole-title"> and for
discussions of potential problems and error messages.
The database server must be running at the
targeted host. Also, any default connection settings and environment
server:
-DROP USER
+DROP ROLE
command:
$ dropuser -p 5000 -h eden -i -e joe
-User "joe" and any owned databases will be permanently deleted.
+Role "joe" will be permanently removed.
Are you sure? (y/n) y
-DROP USER "joe"
-DROP USER
+DROP ROLE "joe"
+DROP ROLE
- user" endterm="sql-dropuser-title">
+ role" endterm="sql-droprole-title">
Environment Variables ()
If corruption is suspected in the indexes of any of the shared
- system catalogs (pg_database,
- pg_group,
- pg_shadow, or
+ system catalogs (pg_authid,
+ pg_auth_members,
+ pg_database,
+ pg_shdepend, or
pg_tablespace), then a standalone server
must be used to repair it. REINDEX> will not process
shared catalogs in multiuser mode.
SELECT attrelid::regclass, array_accum(attname)
FROM pg_attribute
- WHERE attnum > 0 AND attrelid = 'pg_user'::regclass
+ WHERE attnum > 0 AND attrelid = 'pg_tablespace'::regclass
GROUP BY attrelid;
- attrelid | array_accum
-----------+-----------------------------------------------------------------------------
- pg_user | {usename,usesysid,usecreatedb,usesuper,usecatupd,passwd,valuntil,useconfig}
+ attrelid | array_accum
+---------------+---------------------------------------
+ pg_tablespace | {spcname,spcowner,spclocation,spcacl}
(1 row)
SELECT attrelid::regclass, array_accum(atttypid)
FROM pg_attribute
- WHERE attnum > 0 AND attrelid = 'pg_user'::regclass
+ WHERE attnum > 0 AND attrelid = 'pg_tablespace'::regclass
GROUP BY attrelid;
- attrelid | array_accum
-----------+------------------------------
- pg_user | {19,23,16,16,16,25,702,1009}
+ attrelid | array_accum
+---------------+-----------------
+ pg_tablespace | {19,26,25,1034}
(1 row)
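Review bot: Both example results now hard-code the column list of pg_tablespace ({spcname,spcowner,spclocation,spcacl}) and its type OIDs ({19,26,25,1034}), so this documentation output has to be regenerated whenever that catalog changes, just as the pg_user version had to be here. A small user-defined table in the array_accum example would keep the shown output stable across catalog changes.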
* Portions Copyright (c) 1996-2005, PostgreSQL Global Development Group
* Portions Copyright (c) 1994, Regents of the University of California
*
- * $PostgreSQL: pgsql/src/backend/libpq/crypt.c,v 1.64 2005/06/29 22:51:54 tgl Exp $
+ * $PostgreSQL: pgsql/src/backend/libpq/crypt.c,v 1.65 2005/08/15 02:40:25 tgl Exp $
*
*-------------------------------------------------------------------------
*/
if (shadow_pass == NULL || *shadow_pass == '\0')
return STATUS_ERROR;
- /* We can't do crypt with pg_shadow MD5 passwords */
+ /* We can't do crypt with MD5 passwords */
if (isMD5(shadow_pass) && port->auth_method == uaCrypt)
{
ereport(LOG,
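Review bot: The new comment above the isMD5(shadow_pass) && port->auth_method == uaCrypt check, "We can't do crypt with MD5 passwords", no longer says which password is meant. The other rewritten comments in this file say "stored password" and "stored MD5"; suggest "We can't do crypt with stored MD5 passwords" here so it is clear the restriction is about the stored form, not about what the client sends.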
crypt_pwd = palloc(MD5_PASSWD_LEN + 1);
if (isMD5(shadow_pass))
{
- /* pg_shadow already encrypted, only do salt */
+ /* stored password already encrypted, only do salt */
if (!EncryptMD5(shadow_pass + strlen("md5"),
(char *) port->md5Salt,
sizeof(port->md5Salt), crypt_pwd))
}
else
{
- /* pg_shadow plain, double-encrypt */
+ /* stored password is plain, double-encrypt */
char *crypt_pwd2 = palloc(MD5_PASSWD_LEN + 1);
if (!EncryptMD5(shadow_pass,
default:
if (isMD5(shadow_pass))
{
- /*
- * Encrypt user-supplied password to match MD5 in
- * pg_shadow
- */
+ /* Encrypt user-supplied password to match stored MD5 */
crypt_client_pass = palloc(MD5_PASSWD_LEN + 1);
if (!EncryptMD5(client_pass,
port->user_name,
# "host" is either a plain or SSL-encrypted TCP/IP socket, "hostssl" is an
# SSL-encrypted TCP/IP socket, and "hostnossl" is a plain TCP/IP socket.
#
-# DATABASE can be "all", "sameuser", "samegroup", a database name, or
+# DATABASE can be "all", "sameuser", "samerole", a database name, or
# a comma-separated list thereof.
#
# USER can be "all", a user name, a group name prefixed with "+", or
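Review bot: The DATABASE line now says "samerole", but the unchanged USER line directly below still describes "a group name prefixed with "+"". With the keyword renamed, that wording should be updated in the same change so the sample file does not document two vocabularies. The comment also drops "samegroup" entirely; if existing pg_hba.conf files that use it are still accepted, say so here, since this file controls who may connect.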
#
# Database and user names containing spaces, commas, quotes and other special
# characters must be quoted. Quoting one of the keywords "all", "sameuser" or
-# "samegroup" makes the name lose its special character, and just match a
+# "samerole" makes the name lose its special character, and just match a
# database or username with that name.
#
# This file is read on server startup and when the postmaster receives
*
* All code should use either of these two functions to find out
* whether a given user is a superuser, rather than examining
- * pg_shadow.usesuper directly, so that the escape hatch built in for
+ * pg_authid.rolsuper directly, so that the escape hatch built in for
* the single-user case works.
*
*
*
*
* IDENTIFICATION
- * $PostgreSQL: pgsql/src/backend/utils/misc/superuser.c,v 1.32 2005/06/28 05:09:02 tgl Exp $
+ * $PostgreSQL: pgsql/src/backend/utils/misc/superuser.c,v 1.33 2005/08/15 02:40:26 tgl Exp $
*
*-------------------------------------------------------------------------
*/
* Portions Copyright (c) 1996-2005, PostgreSQL Global Development Group
* Portions Copyright (c) 1994, Regents of the University of California
*
- * $PostgreSQL: pgsql/src/bin/scripts/dropuser.c,v 1.14 2005/06/21 04:02:33 tgl Exp $
+ * $PostgreSQL: pgsql/src/bin/scripts/dropuser.c,v 1.15 2005/08/15 02:40:28 tgl Exp $
*
*-------------------------------------------------------------------------
*/
}
if (dropuser == NULL)
- dropuser = simple_prompt("Enter name of user to drop: ", 128, true);
+ dropuser = simple_prompt("Enter name of role to drop: ", 128, true);
if (interactive)
{
char *reply;
- printf(_("User \"%s\" will be permanently removed.\n"), dropuser);
+ printf(_("Role \"%s\" will be permanently removed.\n"), dropuser);
reply = simple_prompt("Are you sure? (y/n) ", 1, true);
if (check_yesno_response(reply) != 1)
exit(0);
}
initPQExpBuffer(&sql);
- appendPQExpBuffer(&sql, "DROP USER %s;\n", fmtId(dropuser));
+ appendPQExpBuffer(&sql, "DROP ROLE %s;\n", fmtId(dropuser));
conn = connectDatabase("postgres", host, port, username, password, progname);
if (PQresultStatus(result) != PGRES_COMMAND_OK)
{
- fprintf(stderr, _("%s: removal of user \"%s\" failed: %s"),
+ fprintf(stderr, _("%s: removal of role \"%s\" failed: %s"),
progname, dropuser, PQerrorMessage(conn));
PQfinish(conn);
exit(1);
PQfinish(conn);
if (!quiet)
{
- puts("DROP USER");
+ puts("DROP ROLE");
fflush(stdout);
}
exit(0);
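Review bot: The success line changes from puts("DROP USER") to puts("DROP ROLE"), and the failure text from "removal of user" to "removal of role"; both are output that wrapper scripts may match on, so this deserves a release-note entry. The variable is still named dropuser while every message now says role, which is worth a short comment or a rename. The name continues to go through fmtId() before it is placed in the DROP ROLE statement, which should stay as it is.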
t
(1 row)
-select has_table_privilege(t2.usesysid,'pg_authid','update')
-from (select usesysid from pg_user where usename = current_user) as t2;
+select has_table_privilege(t2.oid,'pg_authid','update')
+from (select oid from pg_roles where rolname = current_user) as t2;
has_table_privilege
---------------------
t
(1 row)
-select has_table_privilege(t2.usesysid,'pg_authid','delete')
-from (select usesysid from pg_user where usename = current_user) as t2;
+select has_table_privilege(t2.oid,'pg_authid','delete')
+from (select oid from pg_roles where rolname = current_user) as t2;
has_table_privilege
---------------------
t
t
(1 row)
-select has_table_privilege(t2.usesysid,t1.oid,'select')
+select has_table_privilege(t2.oid,t1.oid,'select')
from (select oid from pg_class where relname = 'pg_authid') as t1,
- (select usesysid from pg_user where usename = current_user) as t2;
+ (select oid from pg_roles where rolname = current_user) as t2;
has_table_privilege
---------------------
t
(1 row)
-select has_table_privilege(t2.usesysid,t1.oid,'insert')
+select has_table_privilege(t2.oid,t1.oid,'insert')
from (select oid from pg_class where relname = 'pg_authid') as t1,
- (select usesysid from pg_user where usename = current_user) as t2;
+ (select oid from pg_roles where rolname = current_user) as t2;
has_table_privilege
---------------------
t
f
(1 row)
-select has_table_privilege(t2.usesysid,'pg_class','update')
-from (select usesysid from pg_user where usename = current_user) as t2;
+select has_table_privilege(t2.oid,'pg_class','update')
+from (select oid from pg_roles where rolname = current_user) as t2;
has_table_privilege
---------------------
f
(1 row)
-select has_table_privilege(t2.usesysid,'pg_class','delete')
-from (select usesysid from pg_user where usename = current_user) as t2;
+select has_table_privilege(t2.oid,'pg_class','delete')
+from (select oid from pg_roles where rolname = current_user) as t2;
has_table_privilege
---------------------
f
f
(1 row)
-select has_table_privilege(t2.usesysid,t1.oid,'select')
+select has_table_privilege(t2.oid,t1.oid,'select')
from (select oid from pg_class where relname = 'pg_class') as t1,
- (select usesysid from pg_user where usename = current_user) as t2;
+ (select oid from pg_roles where rolname = current_user) as t2;
has_table_privilege
---------------------
t
(1 row)
-select has_table_privilege(t2.usesysid,t1.oid,'insert')
+select has_table_privilege(t2.oid,t1.oid,'insert')
from (select oid from pg_class where relname = 'pg_class') as t1,
- (select usesysid from pg_user where usename = current_user) as t2;
+ (select oid from pg_roles where rolname = current_user) as t2;
has_table_privilege
---------------------
f
f
(1 row)
-select has_table_privilege(t2.usesysid,'atest1','update')
-from (select usesysid from pg_user where usename = current_user) as t2;
+select has_table_privilege(t2.oid,'atest1','update')
+from (select oid from pg_roles where rolname = current_user) as t2;
has_table_privilege
---------------------
f
(1 row)
-select has_table_privilege(t2.usesysid,'atest1','delete')
-from (select usesysid from pg_user where usename = current_user) as t2;
+select has_table_privilege(t2.oid,'atest1','delete')
+from (select oid from pg_roles where rolname = current_user) as t2;
has_table_privilege
---------------------
f
f
(1 row)
-select has_table_privilege(t2.usesysid,t1.oid,'select')
+select has_table_privilege(t2.oid,t1.oid,'select')
from (select oid from pg_class where relname = 'atest1') as t1,
- (select usesysid from pg_user where usename = current_user) as t2;
+ (select oid from pg_roles where rolname = current_user) as t2;
has_table_privilege
---------------------
t
(1 row)
-select has_table_privilege(t2.usesysid,t1.oid,'insert')
+select has_table_privilege(t2.oid,t1.oid,'insert')
from (select oid from pg_class where relname = 'atest1') as t1,
- (select usesysid from pg_user where usename = current_user) as t2;
+ (select oid from pg_roles where rolname = current_user) as t2;
has_table_privilege
---------------------
f
select has_table_privilege(current_user,'pg_authid','select');
select has_table_privilege(current_user,'pg_authid','insert');
-select has_table_privilege(t2.usesysid,'pg_authid','update')
-from (select usesysid from pg_user where usename = current_user) as t2;
-select has_table_privilege(t2.usesysid,'pg_authid','delete')
-from (select usesysid from pg_user where usename = current_user) as t2;
+select has_table_privilege(t2.oid,'pg_authid','update')
+from (select oid from pg_roles where rolname = current_user) as t2;
+select has_table_privilege(t2.oid,'pg_authid','delete')
+from (select oid from pg_roles where rolname = current_user) as t2;
select has_table_privilege(current_user,t1.oid,'rule')
from (select oid from pg_class where relname = 'pg_authid') as t1;
select has_table_privilege(current_user,t1.oid,'references')
from (select oid from pg_class where relname = 'pg_authid') as t1;
-select has_table_privilege(t2.usesysid,t1.oid,'select')
+select has_table_privilege(t2.oid,t1.oid,'select')
from (select oid from pg_class where relname = 'pg_authid') as t1,
- (select usesysid from pg_user where usename = current_user) as t2;
-select has_table_privilege(t2.usesysid,t1.oid,'insert')
+ (select oid from pg_roles where rolname = current_user) as t2;
+select has_table_privilege(t2.oid,t1.oid,'insert')
from (select oid from pg_class where relname = 'pg_authid') as t1,
- (select usesysid from pg_user where usename = current_user) as t2;
+ (select oid from pg_roles where rolname = current_user) as t2;
select has_table_privilege('pg_authid','update');
select has_table_privilege('pg_authid','delete');
select has_table_privilege(current_user,'pg_class','select');
select has_table_privilege(current_user,'pg_class','insert');
-select has_table_privilege(t2.usesysid,'pg_class','update')
-from (select usesysid from pg_user where usename = current_user) as t2;
-select has_table_privilege(t2.usesysid,'pg_class','delete')
-from (select usesysid from pg_user where usename = current_user) as t2;
+select has_table_privilege(t2.oid,'pg_class','update')
+from (select oid from pg_roles where rolname = current_user) as t2;
+select has_table_privilege(t2.oid,'pg_class','delete')
+from (select oid from pg_roles where rolname = current_user) as t2;
select has_table_privilege(current_user,t1.oid,'rule')
from (select oid from pg_class where relname = 'pg_class') as t1;
select has_table_privilege(current_user,t1.oid,'references')
from (select oid from pg_class where relname = 'pg_class') as t1;
-select has_table_privilege(t2.usesysid,t1.oid,'select')
+select has_table_privilege(t2.oid,t1.oid,'select')
from (select oid from pg_class where relname = 'pg_class') as t1,
- (select usesysid from pg_user where usename = current_user) as t2;
-select has_table_privilege(t2.usesysid,t1.oid,'insert')
+ (select oid from pg_roles where rolname = current_user) as t2;
+select has_table_privilege(t2.oid,t1.oid,'insert')
from (select oid from pg_class where relname = 'pg_class') as t1,
- (select usesysid from pg_user where usename = current_user) as t2;
+ (select oid from pg_roles where rolname = current_user) as t2;
select has_table_privilege('pg_class','update');
select has_table_privilege('pg_class','delete');
select has_table_privilege(current_user,'atest1','select');
select has_table_privilege(current_user,'atest1','insert');
-select has_table_privilege(t2.usesysid,'atest1','update')
-from (select usesysid from pg_user where usename = current_user) as t2;
-select has_table_privilege(t2.usesysid,'atest1','delete')
-from (select usesysid from pg_user where usename = current_user) as t2;
+select has_table_privilege(t2.oid,'atest1','update')
+from (select oid from pg_roles where rolname = current_user) as t2;
+select has_table_privilege(t2.oid,'atest1','delete')
+from (select oid from pg_roles where rolname = current_user) as t2;
select has_table_privilege(current_user,t1.oid,'rule')
from (select oid from pg_class where relname = 'atest1') as t1;
select has_table_privilege(current_user,t1.oid,'references')
from (select oid from pg_class where relname = 'atest1') as t1;
-select has_table_privilege(t2.usesysid,t1.oid,'select')
+select has_table_privilege(t2.oid,t1.oid,'select')
from (select oid from pg_class where relname = 'atest1') as t1,
- (select usesysid from pg_user where usename = current_user) as t2;
-select has_table_privilege(t2.usesysid,t1.oid,'insert')
+ (select oid from pg_roles where rolname = current_user) as t2;
+select has_table_privilege(t2.oid,t1.oid,'insert')
from (select oid from pg_class where relname = 'atest1') as t1,
- (select usesysid from pg_user where usename = current_user) as t2;
+ (select oid from pg_roles where rolname = current_user) as t2;
select has_table_privilege('atest1','update');
select has_table_privilege('atest1','delete');
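Review bot: Every by-OID call in this test is switched from pg_user.usesysid to pg_roles.oid, so after this change nothing here looks up the current role through pg_user any more. If pg_user is kept as a compatibility view, leave at least one has_table_privilege(t2.usesysid, ...) case in place so that a mismatch between the view's usesysid and the role OID would show up in the privilege tests.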
-- Portions Copyright (c) 1996-2005, PostgreSQL Global Development Group
-- Portions Copyright (c) 1994, Regents of the University of California
--
--- $PostgreSQL: pgsql/src/tutorial/syscat.source,v 1.14 2004/12/31 22:04:05 pgsql Exp $
+-- $PostgreSQL: pgsql/src/tutorial/syscat.source,v 1.15 2005/08/15 02:40:36 tgl Exp $
--
---------------------------------------------------------------------------
SET SEARCH_PATH TO pg_catalog;
--
--- lists the name of all database adminstrators and the name of their
--- database(s)
+-- lists the names of all database owners and the name of their database(s)
--
-SELECT usename, datname
- FROM pg_user, pg_database
- WHERE usesysid = datdba
- ORDER BY usename, datname;
+SELECT rolname, datname
+ FROM pg_roles, pg_database
+ WHERE pg_roles.oid = datdba
+ ORDER BY rolname, datname;
--
-- lists all user-defined classes
--
-- lists all user-defined base types (not including array types)
--
-SELECT n.nspname, u.usename, format_type(t.oid, null) as typname
- FROM pg_type t, pg_user u, pg_namespace n
- WHERE u.usesysid = t.typowner
+SELECT n.nspname, r.rolname, format_type(t.oid, null) as typname
+ FROM pg_type t, pg_roles r, pg_namespace n
+ WHERE r.oid = t.typowner
and t.typnamespace = n.oid
- and t.typrelid = '0'::oid -- no complex types
- and t.typelem = '0'::oid -- no arrays
- and n.nspname not like 'pg\\_%' -- no catalogs
+ and t.typrelid = 0 -- no complex types
+ and t.typelem = 0 -- no arrays
+ and n.nspname not like 'pg\\_%' -- no built-in types
and n.nspname != 'information_schema' -- no information_schema
- ORDER BY nspname, usename, typname;
+ ORDER BY nspname, rolname, typname;
--
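Review bot: In the base-types query, the comment on n.nspname not like 'pg\\_%' changes from "no catalogs" to "no built-in types", but the predicate excludes every schema whose name starts with pg_, not only the one that holds built-in types. "no system schemas" would describe the filter more accurately. The switch from '0'::oid to a bare 0 on typrelid and typelem is fine, but the comment columns no longer line up with the information_schema line below.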